๐ง๐ช
cmbplf
2026-07-08 11:34:56
(1 day ago)
27.516 requests with url.path //xmlrpc.php
Brute-Force
Bad Web Bot
Anonymous
2026-07-08 09:01:40
(1 day ago)
XSS Attempt
Hacking
๐บ๐ธ
Lee Daniel
2026-07-08 08:55:54
(1 day ago)
136.66.224.59 - - [08/Jul/2026:04:55:53 -0400] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ...
show more
136.66.224.59 - - [08/Jul/2026:04:55:53 -0400] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.224.59 - - [08/Jul/2026:04:55:53 -0400] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.224.59 - - [08/Jul/2026:04:55:53 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.224.59 - - [08/Jul/2026:04:55:53 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.224.59 - - [08/Jul/2026:04:55:54 -0400] "GET //2020/wp-includes/wlwmanifest.xml HTT
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 08:55:53
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 136.66.224.59 (59.224.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.224.59 (59.224.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 04:55:49.201178 2026] [security2:error] [pid 25637:tid 25637] [client 136.66.224.59:61369] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.axiomemail.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.axiomemail.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak4Qld5HmDlylyrtQVkfIgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-08 08:53:01
(1 day ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐จ๐ญ
backslash
2026-07-08 08:51:00
(1 day ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ณ๐ฟ
Antinson
2026-07-08 08:28:29
(1 day ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ฉ๐ช
seal
2026-07-08 08:15:08
(1 day ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
SSH
Brute-Force
๐ฉ๐ช
stinpriza
2026-07-08 08:12:44
(1 day ago)
common Web Exploits being scanned
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-08 08:10:12
(1 day ago)
136.66.224.59 - - [08/Jul/2026:10:10:10 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5. ...
show more
136.66.224.59 - - [08/Jul/2026:10:10:10 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.224.59 - - [08/Jul/2026:10:10:10 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.224.59 - - [08/Jul/2026:10:10:11 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Hacking
Web App Attack
๐จ๐ญ
Origon
2026-07-08 08:06:37
(1 day ago)
http-probing - IP: 136.66.224.59 - time="2026-07-08T10:06:37+02:00" level=info msg="(555f66b4f6a745 ...
show more
http-probing - IP: 136.66.224.59 - time="2026-07-08T10:06:37+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 136.66.224.59 (US/396982) : 4h ban on Ip 136.66.224.59" module=db
show less
Web App Attack
Anonymous
2026-07-08 08:06:04
(1 day ago)
Trying to access config files
Web App Attack
Anonymous
2026-07-08 08:05:41
(1 day ago)
Automatically blocked after 10 security events. Observed repeated web application attack probes. Sou ...
show more
Automatically blocked after 10 security events. Observed repeated web application attack probes. Source: Cloudflare security controls.
show less
Hacking
Web App Attack
๐ฎ๐น
VHosting
2026-07-08 08:00:05
(1 day ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:52:34
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 136.66.224.59 (59.224.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.224.59 (59.224.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:52:28.564694 2026] [security2:error] [pid 27543:tid 27543] [client 136.66.224.59:58645] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ashwoodsecurity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ashwoodsecurity.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak4BvCBGmqLA3NVrZzJbXgAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack